/* $OpenLDAP: pkg/ldap/libraries/libldap/bind.c,v 1.15.2.3 2003/03/03 17:10:04 kurt Exp $ */ /* * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ /* Portions * Copyright (c) 1990 Regents of the University of Michigan. * All rights reserved. * * bind.c */ /* * BindRequest ::= SEQUENCE { * version INTEGER, * name DistinguishedName, -- who * authentication CHOICE { * simple [0] OCTET STRING -- passwd #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND * krbv42ldap [1] OCTET STRING * krbv42dsa [2] OCTET STRING #endif * sasl [3] SaslCredentials -- LDAPv3 * } * } * * BindResponse ::= SEQUENCE { * COMPONENTS OF LDAPResult, * serverSaslCreds OCTET STRING OPTIONAL -- LDAPv3 * } * */ #include "portable.h" #include <stdio.h> #include <ac/stdlib.h> #include <ac/socket.h> #include <ac/string.h> #include <ac/time.h> #include "ldap-int.h" #include "ldap_log.h" /* * ldap_bind - bind to the ldap server (and X.500). The dn and password * of the entry to which to bind are supplied, along with the authentication * method to use. The msgid of the bind request is returned on success, * -1 if there's trouble. Note, the kerberos support assumes the user already * has a valid tgt for now. ldap_result() should be called to find out the * outcome of the bind request. * * Example: * ldap_bind( ld, "cn=manager, o=university of michigan, c=us", "secret", * LDAP_AUTH_SIMPLE ) */ int ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ENTRY, "ldap_bind\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 ); #endif switch ( authmethod ) { case LDAP_AUTH_SIMPLE: return( ldap_simple_bind( ld, dn, passwd ) ); #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND case LDAP_AUTH_KRBV41: return( ldap_kerberos_bind1( ld, dn ) ); case LDAP_AUTH_KRBV42: return( ldap_kerberos_bind2( ld, dn ) ); #endif case LDAP_AUTH_SASL: /* user must use ldap_sasl_bind */ /* FALL-THRU */ default: ld->ld_errno = LDAP_AUTH_UNKNOWN; return( -1 ); } } /* * ldap_bind_s - bind to the ldap server (and X.500). The dn and password * of the entry to which to bind are supplied, along with the authentication * method to use. This routine just calls whichever bind routine is * appropriate and returns the result of the bind (e.g. LDAP_SUCCESS or * some other error indication). Note, the kerberos support assumes the * user already has a valid tgt for now. * * Examples: * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us", * "secret", LDAP_AUTH_SIMPLE ) * ldap_bind_s( ld, "cn=manager, o=university of michigan, c=us", * NULL, LDAP_AUTH_KRBV4 ) */ int ldap_bind_s( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod ) { #ifdef NEW_LOGGING LDAP_LOG ( OPERATION, ENTRY, "ldap_bind_s\n", 0, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 ); #endif switch ( authmethod ) { case LDAP_AUTH_SIMPLE: return( ldap_simple_bind_s( ld, dn, passwd ) ); #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND case LDAP_AUTH_KRBV4: return( ldap_kerberos_bind_s( ld, dn ) ); case LDAP_AUTH_KRBV41: return( ldap_kerberos_bind1_s( ld, dn ) ); case LDAP_AUTH_KRBV42: return( ldap_kerberos_bind2_s( ld, dn ) ); #endif case LDAP_AUTH_SASL: /* user must use ldap_sasl_bind */ /* FALL-THRU */ default: return( ld->ld_errno = LDAP_AUTH_UNKNOWN ); } }